new-combats/game
3
0
Fork 0
Code Issues 23 Pull Requests Releases Wiki Activity
42714daeda
game/reg.php

350 lines
15 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
const GAME = true;
include('_incl_data/__config.php');
include('_incl_data/class/__db_connect.php');
$chat = new Chat();
$r = new UserRegister();
$filter = new Filter();
if (isset($_POST['ajax_reg'])) {
$u = User::start();
if (isset($u->info['id']) && $u->info['bithday'] == '01.01.1800') {
//
$_POST['reg_login'] = iconv('UTF-8', 'windows-1251', $_POST['reg_login']);
//
$reg_d = [0 => $_POST['reg_login'], 1 => $_POST['reg_pass'], 2 => $_POST['reg_pass2'], 3 => $_POST['reg_mail'], 7 => $_POST['reg_dd'], 8 => $_POST['reg_mm'], 9 => $_POST['reg_yy'], 15 => $_POST['reg_sex']];
//
$error = '';
//
//Çàïðåùåííûå ëîãèíû
$nologin = [0 => 'àíãåë', 1 => 'angel', 2 => 'àäìèíèñòðàöèÿ', 3 => 'administration', 4 => 'Êîììåíòàòîð', 5 => 'Ìèðîçäàòåëü', 6 => 'Ìóñîðùèê', 7 => 'Ïàäàëüùèê', 8 => 'Ïîâåëèòåëü', 9 => 'Àðõèâàðèóñ', 10 => 'Ïåðåñìåøíèê', 11 => 'Âîëûíùèê', 12 => 'Ëîðä Ðàçðóøèòåëü', 13 => 'Ìèëîñåðäèå', 14 => 'Ñïðàâåäëèâîñòü', 15 => 'Èñêóøåíèå', 16 => 'Âîçíåñåíèå', 17 => 'coombats', 18 => 'êîîìáàòñ ðó', 19 => 'Êîîìáàòñ _ðó'];
$blacklist = "!@#$%^&*()\+¨¸|/'`\"";
$sr = '_-éöóêåíãøùçõúôûâàïðîëäæýÿ÷ñìèòüáþ¸1234567890';
$i = 0;
while ($i < count($nologin)) {
if (preg_match("/" . $nologin[$i] . "/i", $filter->mystr($reg_d[0]))) {
$error = 'Âûáåðèòå, ïîæàëóéñòà, äðóãîé íèê.<br>';
$_POST['step'] = 1;
$i = count($nologin);
}
$i++;
}
$reg_d[0] = str_replace(' ', ' ', $reg_d[0]);
//Ëîãèí îò 2 äî 20 ñèìâîëîâ
if (strlen($reg_d[0]) > 20) {
$error = 'Ëîãèí äîëæåí ñîäåðæàòü íå áîëåå 20 ñèìâîëîâ.<br>';
$_POST['step'] = 1;
}
if (strlen($reg_d[0]) < 2) {
$error = 'Ëîãèí äîëæåí ñîäåðæàòü íå ìåíåå 2 ñèìâîëîâ.<br>';
$_POST['step'] = 1;
}
//Îäèí àëôàâèò
$er = $r->en_ru($reg_d[0]);
if ($er) {
$error = 'Â ëîãèíå ðàçðåøåíî èñïîëüçîâàòü òîëüêî áóêâû îäíîãî àëôàâèòà ðóññêîãî èëè àíãëèéñêîãî. Íåëüçÿ ñìåøèâàòü.<br>';
$_POST['step'] = 1;
}
//Çàïðåùåííûé ñèìâîëû
if (strpos($sr, $reg_d[0])) {
$error = 'Ëîãèí ñîäåðæèò çàïðåùåííûå ñèìâîëû.<br>';
$_POST['step'] = 1;
}
//Ïåðñîíàæè â áàçå
$log = mysql_fetch_array(
mysql_query('SELECT `id` from `users` where `login`="' . mysql_real_escape_string($reg_d[0]) . '" LIMIT 1')
);
$log2 = mysql_fetch_array(
mysql_query(
'SELECT `id` from `lastNames` where `login`="' . mysql_real_escape_string($reg_d[0]) . '" LIMIT 1'
)
);
$log3 = mysql_fetch_array(
mysql_query(
'SELECT `id` from `test_bot` where `login`="' . mysql_real_escape_string(
$reg_d[0]
) . '" OR `login` LIKE "' . mysql_real_escape_string($reg_d[0]) . ' [%]" LIMIT 1'
)
);
if (isset($log['id']) || isset($log2['id']) || isset($log3['id'])) {
$error = 'Ëîãèí ' . $reg_d[0] . ' óæå çàíÿò, âûáåðèòå äðóãîé.<br>';
$_POST['step'] = 1;
}
//Ðàçäåëèòåëè
if (substr_count($reg_d[0], ' ') + substr_count($reg_d[0], '-') + substr_count($reg_d[0], '_') > 2) {
$error = 'Íå áîëåå äâóõ ðàçäåëèòåëåé îäíîâðåìåííî (ïðîáåë, òèðå, íèæíåå ïîä÷åðêèâàíèå).<br>';
$_POST['step'] = 1;
}
$reg_d[0] = trim($reg_d[0], ' ');
//ïðîâåðÿåì ïàðîëü
if (strlen($reg_d[1]) < 6 || strlen($reg_d[1]) > 30) {
$error = 'Äëèíà ïàðîëÿ íå ìîæåò áûòü ìåíüøå 6 ñèìâîëîâ èëè áîëåå 30 ñèìâîëîâ.<br>';
$_POST['step'] = 2;
}
if ($reg_d[1] != $reg_d[2]) {
$error = 'Â àíêåòå ïàðîëü íóæíî ââåñòè äâàæäû, äëÿ ïðîâåðêè. Âî âòîðîé ðàç âû åãî ââåëè íåâåðíî, áóäüòå âíèìàòåëüíåå.<br>';
$_POST['step'] = 2;
}
if (preg_match('/' . $reg_d[0] . '/i', $reg_d[1])) {
$error = 'Ïàðîëü ñîäåðæèò ýëåìåíòû ëîãèíà.<br>';
$_POST['step'] = 2;
}
if ($reg_d[1] != $reg_d[2]) {
$error = 'Ïàðîëè íå ñîâïàäàþò.<br>';
$_POST['step'] = 2;
}
if ($_POST['step'] != 2) {
$stp = 3;
$noup = 0;
}
//ïðîâåðÿåì e-mail
if (strlen($reg_d[3]) < 6 || strlen($reg_d[3]) > 50) {
$error = 'E-mail íå ìîæåò áûòü êîðî÷å 6-õ ñèìâîëîâ è äëèíåå 50-òè.<br>';
$_POST['step'] = 3;
}
if (!preg_match('#^[a-z0-9.!\#$%&\'*+-/=?^_`{|}~]+@([0-9.]+|([^\s]+\.+[a-z]{2,6}))$#si', $reg_d[3])) {
$error = 'Âû óêàçàëè ÿâíî îøèáî÷íûé E-mail.<br>';
$_POST['step'] = 3;
}
if ($_POST['mail_post'] != 'true') {
$error = 'Äàéòå ðàçðåøåíèå íà âîçìîæíîñòü ðàññûëêè èíôîðìàöèè íà âàø E-mail';
}
$reg_d[4] = $chat->str_count($reg_d[4], 30);
$reg_d[5] = $chat->str_count($reg_d[5], 30);
if ($_POST['step'] != 3) {
$stp = 4;
$noup = 0;
}
$reg_d[6] = $chat->str_count($reg_d[6], 90);
$reg_d[7] = round($reg_d[7]);
$reg_d[8] = round($reg_d[8]);
$reg_d[9] = round($reg_d[9]);
if ($reg_d[7] < 1 || $reg_d[7] > 31 || $reg_d[8] < 1 || $reg_d[8] > 12 || $reg_d[9] < 1920 || $reg_d[9] > 2006) {
$error = 'Îøèáêà â íàïèñàíèè äíÿ ðîæäåíèÿ.<br>';
$_POST['step'] = 4;
}
if ($reg_d[15] != 1 && $reg_d[15] != 2) {
$error = 'Âû óêàçàëè íå âåðíûé ïîë.<br>';
$_POST['step'] = 4;
}
if ($error == '') {
if ($reg_d[15] != 2) {
$reg_d[15] = 0;
} else {
$reg_d[15] = 1;
}
setcookie('login', $reg_d[0], time() + 60 * 60 * 24 * 7, '', $c['host']);
setcookie('pass', md5($reg_d[1]), time() + 60 * 60 * 24 * 7, '', $c['host']);
mysql_query(
'UPDATE `users` SET
`login` = "' . mysql_real_escape_string($reg_d[0]) . '",
`activ` = "1",
`pass` = "' . mysql_real_escape_string(md5($reg_d[1])) . '",
`mail` = "' . mysql_real_escape_string($reg_d[3]) . '",
`bithday` = "' . mysql_real_escape_string($reg_d[7] . '.' . $reg_d[8] . '.' . $reg_d[9]) . '",
`sex` = "' . mysql_real_escape_string($reg_d[15]) . '",
`fnq` = "0"
WHERE `id` = "' . mysql_real_escape_string($u->info['id']) . '" LIMIT 1'
);
if ($u->info['host_reg'] > 0) {
$refer = mysql_fetch_array(
mysql_query('SELECT `id` FROM `users` WHERE `id` = "' . $u->info['host_reg'] . '" LIMIT 1')
);
if (isset($refer['id'])) {
$u->addItem(3199, $u->info['id']);
$u->addItem(4005, $refer['id']);
} else {
$u->addItem(3199, $u->info['id']);
$nast = 1001398;
mysql_query(
'UPDATE `users` SET
`host_reg` = "' . $nast . '"
WHERE `id` = "' . mysql_real_escape_string($u->info['id']) . '" LIMIT 1'
);
}
} else {
$u->addItem(3199, $u->info['id']);
$nast = 1001398;
mysql_query(
'UPDATE `users` SET
`host_reg` = "' . $nast . '"
WHERE `id` = "' . mysql_real_escape_string($u->info['id']) . '" LIMIT 1'
);
}
//Âûäàåì ïðåäìåòû è îòïðàâëÿåì ñîîáùåíèå â ÷àò//Âûäàåì ïðåäìåòû è îòïðàâëÿåì ñîîáùåíèå â ÷àò//Âûäàåì ïðåäìåòû è îòïðàâëÿåì ñîîáùåíèå â ÷àò//Âûäàåì ïðåäìåòû è îòïðàâëÿåì ñîîáùåíèå â ÷àò
$text = '<b>' . $reg_d[0] . '</b>, åñëè ó Âàñ âîçíèêëè çàòðóäíåíèÿ ñ âûïîëíåíèåì êâåñòà, ïåðåéäèòå ïî ñëåäóþùåé ññûëêå - <a href=https://new-combats.com/library/noobguide/ target=_blank >www.new-combats.com/library/noobguide</a> ';
mysql_query(
"INSERT INTO `chat` (`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`,`new`) VALUES ('capitalcity','0','','" . $reg_d[0] . "','" . $text . "','" . time(
) . "','6','0','1')"
);
$refer = mysql_fetch_array(
mysql_query(
'SELECT `id`,`login`,`banned`,`admin`,`level` FROM `users` WHERE `id` = "' . mysql_real_escape_string(
$_GET['ref']
) . '" LIMIT 1'
)
);
if (isset($refer['id'])) {
mysql_query(
"INSERT INTO `items_users` (`gift`,`uid`,`item_id`,`data`,`iznosMAX`,`geniration`,`maidin`,`time_create`) VALUES ('" . $refer['login'] . "','" . $u->info['id'] . "','3199','noodet=1|items_in_file=sunduk_new|var_id=1|open=1|noremont=1|nodelete=1|nosale=1|sudba=" . mysql_real_escape_string(
$reg_d[0]
) . "',1,2,'capitalcity'," . time() . ")"
);
}
//Ðóáàõà
$re = $u->addItem(1, $u->info['id'], '|');
if ($re > 0) {
mysql_query('UPDATE `items_users` SET `gift` = "Ìèðîçäàòåëü" WHERE `id` = "' . $re . '" LIMIT 1');
}
//Øòàíû
$re = $u->addItem(73, $u->info['id'], '|');
if ($re > 0) {
mysql_query('UPDATE `items_users` SET `gift` = "Ìóñîðùèê" WHERE `id` = "' . $re . '" LIMIT 1');
}
$re = $u->addItem(2133, $u->info['id'], '|sudba=' . $reg_d[0] . '|nosale=1|srok=' . (86400 * 14) . '');
if ($re > 0) {
mysql_query('UPDATE `items_users` SET `gift` = "Àðõèâàðèóñ" WHERE `id` = "' . $re . '" LIMIT 1');
}
$error = 'Ðåãèñòðàöèÿ ïðîøëà óñïåøíî! Ñïàñèáî!<br>×åðåç 3 ñåê. Âû áóäåòå ïåðåíàïðàâëåíû â èãðó!<script>setTimeout(\'top.location.href="/bk"\',2000);</script>';
}
die($error);
}
} else {
function error($e)
{
exit($e);
}
if (isset($_COOKIE['login'])) {
setcookie('login', '', time() - 60 * 60 * 24 * 30, '', '.new-combats.com/');
setcookie('pass', '', time() - 60 * 60 * 24 * 30, '', '.new-combats.com/');
//
setcookie('login', '', time() - 60 * 60 * 24 * 30);
setcookie('pass', '', time() - 60 * 60 * 24 * 30);
//
}
$lr = mysql_fetch_array(
mysql_query(
'SELECT `id`,`ipreg`,`pass`,`bithday`,`login` FROM `users` WHERE `cityreg`="capitalcity" AND `timereg`>"' . (time(
) - 60 * 60 * 1) . '" AND `ipreg` = "' . mysql_real_escape_string(IP) . '" LIMIT 1'
)
);
if (isset($lr['id2'])) {
if (isset($lr['id']) && $lr['bithday'] == '01.01.1800') {
if (isset($_GET['enter'])) {
setcookie('login', $lr['login'], time() + 60 * 60 * 24 * 7, '', $c['host']);
setcookie('pass', $lr['pass'], time() + 60 * 60 * 24 * 7, '', $c['host']);
header('location: /bk');
}
error(
'Íåäàâíî ñ âàøåãî IP óæå ðåãèñòðèðîâàëñÿ ïåðñîíàæ. Ñ îäíîãî IP àäðåñà ðàçðåøåíà ðåãèñòðàöèÿ ïåðñîíàæåé íå ÷àùå, ÷åì ðàç â ÷àñ. Ïîïðîáóéòå ïîçæå.<br>Äëÿ àâòîðèçàöèè <b>' . $lr['login'] . '</b> ïåðåéäèòå ïî ññûëêå: <a href="/reg.php?enter">Àâòîðèçèðîâàòüñÿ</a>'
);
} else {
error(
'Íåäàâíî ñ âàøåãî IP óæå ðåãèñòðèðîâàëñÿ ïåðñîíàæ. Ñ îäíîãî IP àäðåñà ðàçðåøåíà ðåãèñòðàöèÿ ïåðñîíàæåé íå ÷àùå, ÷åì ðàç â ÷àñ. Ïîïðîáóéòå ïîçæå.<br>'
);
}
} else {
//Ñîçäàåì ïåðñîíàæà
if ((int)$_GET['ref'] > 0) {
mysql_query(
"UPDATE `users` SET `referals` = `referals` + 1 WHERE `id` = '" . mysql_real_escape_string(
(int)$_GET['ref']
) . "' LIMIT 1"
);
}
$pass = md5(md5(rand(0, 100.) . '#' . rand(0, 1000)));
mysql_query(
'INSERT INTO `users` (`host_reg`,`pass`,`ip`,`ipreg`,`city`,`cityreg`,`room`,`timereg`) VALUES (
"' . mysql_real_escape_string(0 + $_GET['ref']) . '",
"' . mysql_real_escape_string($pass) . '",
"' . mysql_real_escape_string(IP) . '",
"' . mysql_real_escape_string(IP) . '",
"capitalcity",
"capitalcity",
"0",
"' . time() . '"
)'
);
$uid = mysql_insert_id();
if ($uid > 0) {
$login = 'Íîâè÷îê' . $uid;
mysql_query(
'UPDATE `users` SET `login` = "' . mysql_real_escape_string(
$login
) . '" WHERE `id` = "' . $uid . '" LIMIT 1'
);
//Ñîçäàåì ñòàòû ïåðñîíàæà
mysql_query("INSERT INTO `online` (`uid`,`timeStart`) VALUES ('" . $uid . "','" . time() . "')");
mysql_query(
"INSERT INTO `stats` (`id`,`stats`) VALUES ('" . $uid . "','s1=3|s2=3|s3=3|s4=3|rinv=40|m9=5|m6=10')"
);
//ìóëüòû
$ipm1 = mysql_fetch_array(
mysql_query(
'SELECT * FROM `logs_auth` WHERE `uid` = "' . mysql_real_escape_string(
$uid
) . '" AND `ip`!="' . mysql_real_escape_string(IP) . '" ORDER BY `id` ASC LIMIT 1'
)
);
$ppl = mysql_query(
'SELECT * FROM `logs_auth` WHERE `ip`!="" AND (`ip` = "' . mysql_real_escape_string(
IP
) . '" OR `ip`="' . mysql_real_escape_string($ipm1['ip']) . '" OR `ip`="' . mysql_real_escape_string(
$_COOKIE['ip']
) . '")'
);
while ($spl = mysql_fetch_array($ppl)) {
$ml = mysql_fetch_array(
mysql_query(
'SELECT `id` FROM `mults` WHERE (`uid` = "' . $spl['uid'] . '" AND `uid2` = "' . $uid . '") OR (`uid2` = "' . $spl['uid'] . '" AND `uid` = "' . $uid . '") LIMIT 1'
)
);
if (!isset($ml['id']) && $spl['ip'] != '' && $spl['ip'] != '127.0.0.1') {
mysql_query(
'INSERT INTO `mults` (`uid`,`uid2`,`ip`) VALUES ("' . $uid . '","' . $spl['uid'] . '","' . $spl['ip'] . '")'
);
}
}
mysql_query(
"INSERT INTO `logs_auth` (`uid`,`ip`,`browser`,`type`,`time`,`depass`) VALUES ('" . $uid . "','" . mysql_real_escape_string(
IP
) . "','" . mysql_real_escape_string($_SERVER['HTTP_USER_AGENT']) . "','1','" . time() . "','')"
);
//Îáíîâÿåì òàáëèöû
mysql_query(
"UPDATE `users` SET `online`='" . time() . "',`ip` = '" . mysql_real_escape_string(
IP
) . "' WHERE `uid` = '" . $uid . "' LIMIT 1"
);
if (!setcookie('login', $login, (time() + 60 * 60 * 24 * 7), '', '.new-combats.com') || !setcookie(
'pass', $pass, (time() + 60 * 60 * 24 * 7), '', '.new-combats.com'
)) {
die('Îøèáêà ñîõðàíåíèÿ cookie.');
}
header('location: /bk');
}
}
}
Reference in New Issue View Git Blame Copy Permalink